mailing list archives
RE: NAT external/Public IP
From: Jason Alexander <jalexander () plus net>
Date: Fri, 26 Oct 2007 09:19:21 +0100
Looks like a requirement?
<snip>1.5 Implement IP masquerading to prevent internal addresses from being translated and revealed on the Internet.
Use technologies that implement RFC 1918 address space, such as port address translation (PAT) or network address
From: Eric Furman [mailto:ericfurman () fastmail net]
Sent: 25 October 2007 18:13
To: Jason Alexander; Security Basics
Subject: RE: NAT external/Public IP
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com]
On Behalf Of Ansgar -59cobalt- Wiechers
Sent: 25 October 2007 15:49
To: security-basics () securityfocus com
Subject: Re: NAT external/Public IP
On 2007-10-25 crazy frog crazy frog wrote:
On 24 Oct 2007 15:46:21 -0000, smarts_buy () yahoo com wrote:
Would like know is ther any security concern to bring in
external/public IP with out NAT to inside of the enterprise network.
Is it any way more secure if we use NAT?
2)If you allow lots of machine to direct access the internet with
external ip they may pose a security risk.
How would that pose a risk that would not exist with NAT'ed machines?
On Thu, 25 Oct 2007 16:28:13 +0100, "Jason Alexander"
<jalexander () plus net> said:
If its not a security risk then why is it a PCI requirement?
If you are talking about Payment Card Industry (PCI) Data Security Standard, there isn't one for NAT.